BSomers reports that Capri Williams, formerly employed as a nurse at Commonwealth Primary Care, is facing federal charges of bank fraud and identity theft. She is scheduled for her first court appearance on Friday. The US Attorney’s Office said she used personal information from hundreds of patients to try and open new bank and credit accounts. In one case,…
Category: U.S.
Texas Health & Human Services Commission notifies 600 after contractor can’t locate 600 records
The Texas Health & Human Services Commission posted this notification to their site on June 17: The Health and Human Services Commission is notifying people about the accidental loss of protected health information. The breach may affect a little more than 600 people who applied for benefits. Iron Mountain, an HHSC contractor, was storing boxes…
NYS: Inadvertent release to adoptee of birth mother’s identity leads to reforms
Another “small” privacy breach with big impact. In this case, the big impact was an overhaul of the state’s system. From their press release: New York State Inspector General Catherine Leahy Scott yesterday released a report of an investigation that found the State Department of Health’s (“DOH”) complex and antiquated storage of vital records led to…
Information on 154 million voters exposed in the cloud – again. (Updated)
MacKeeper Security Researcher Chris Vickery has found yet another misconfigured database with U.S. voter information and profiles. This one has 154 million records. See my report about it over on the Daily Dot. One day maybe our government or state attorneys general will start actually enforcing some data security on those who create these massive…
ME: Portland Jetport loses thumb drive with personal info of 950 employees
The Bangor Daily News reports: The Portland Jetport says it’s lost or misplaced a USB thumb drive containing personal information of 950 employees. The personal information includes names, addresses, dates of birth and social security numbers. Read more on BDN. The Portland Press Herald adds that the drive, which also includes the personal information of…
Carbonite forces password reset after password reuse attack
Should a company force an entire user password reset proactively because some users’ credentials, obtained elsewhere, are being used to attempt to steal their data? Carbonite, a provider of online computer and server backup services, notified its more than 1.5 million individual and small business customers that they were forcing a password reset. The reset, announced…